We have been told these types of systems are the way of the future for a smart country such as Australia and digitally transforming legacy processes will ultimately increase productivity.

The only problem is that these systems have to actually work. They need to work in such a way that the public have confidence in them and can access them at any time.

The Census failure was comprehensively reviewed and most of the important information was made public. This type of public disclosure is a first and the government should be given kudos for doing that.

The review found that there were several causes for the failure, all culminating in an unplanned outage that, in the end, the ABS actually implemented itself. In a subsequent inquiry, IBM appeared to shoulder some of the blame for the technical and project management failures.

This left the ABS realising that it cannot outsource risk and needed to communicate better in a time of crisis. The main recommendation from the review was that agencies should take responsibility for system operations and perform independent reviewing and testing using technically qualified people so they have a better chance of knowing if a system is “good to go”.

With those lessons learnt, taxpayers could have assumed that ATO management would have taken on board recommendations from the inquiry and independently checked their systems to ensure they would work as planned.

One critical system which you would expect would be tested thoroughly and regularly would be the backup system, right? Wrong! It doesn’t appear that the ATO did this testing because the agency had a subsequent failure of its backup systems.

How can this be? The ATO would have to be compliant with various IT management standards which all prescribe regular testing of backups.

It is unfortunate that the ATO had a major failure in its storage system and I am sure they will find out what happened with the aid of HPE. But to not have tested their recovery mechanism is something which cannot be easily overlooked.

The public really needs to know what is happening and it begs the question: ‘Is this type of problem endemic within the ATO’s systems or indeed other major systems in government?’

The ATO said it will engage an ‘independent expert’ to undertake an end-to-end review into what happened and why, and what needs to happen to ensure the incident doesn’t occur again. I asked the ATO yesterday who the expert is, when will they report, and will the report be made public? The agency declined to provide those details.

In contrast, one of the good things to come from the ABS failure was the public were fairly quickly informed about the nature of the problems and what will be done in the future to avoid them. I am not getting any sense from disclosures by the ATO this is going to happen for their outages.

If the inability to recover from this storage system failure can happen to the ATO, an agency that operates sophisticated IT infrastructure servicing millions of Australians, within one month, what chance do smaller agencies have?

The governments vision of a digitally smart country where government is dealing with citizens through online transactions will only happen if the public trust the systems and they are reliable.

There is no point putting “lipstick on a pig” by implementing online transactional systems using tired backend infrastructure, which was designed to support 9 to 5 operations, 5 days a week. The type of back end system that is needed to support around-the-clock online transactions needs to be built with all the requirements of reliability and availability addressed up front.

Given the extent of the ATO outages and the time taken to recover, it may be appropriate for Angus Taylor, who is responsible for the Digital Transformation Agency, to reassure us that the backend systems upon which our digital future will be reliant, are fit for purpose. I question whether the ATO’s are and wonder if these failures are a sign of more pain to come.

Ian Brightwell is principal consultant at DH4. He was previously director of information technology and CIO at the NSW Electoral Commission.

ARN Connect - As security threats surge, what’s the MSP master plan?

This ARN Connect event - in association with Cisco, Kaseya and Webroot - outlined the blueprint for security success in Australia, assessing the emerging market threats while detailing how MSPs can maximise investment in 2018 and beyond.

Copyright 2017 IDG Communications. ABN 14 001 592 650. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of IDG Communications is prohibited.